
<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns="http://www.w3.org/TR/REC-html40">


<head>

<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">

<meta name=Generator content="Microsoft Word 11 (filtered medium)">

<style>

<!--

 /* Font Definitions */

 @font-face

        {font-family:Wingdings;

        panose-1:5 0 0 0 0 0 0 0 0 0;}

@font-face

        {font-family:Tahoma;

        panose-1:2 11 6 4 3 5 4 4 2 4;}

@font-face

        {font-family:Verdana;

        panose-1:2 11 6 4 3 5 4 4 2 4;}

 /* Style Definitions */

 p.MsoNormal, li.MsoNormal, div.MsoNormal

        {margin:0in;

        margin-bottom:.0001pt;

        font-size:12.0pt;

        font-family:"Times New Roman";}

a:link, span.MsoHyperlink

        {color:blue;

        text-decoration:underline;}

a:visited, span.MsoHyperlinkFollowed

        {color:purple;

        text-decoration:underline;}

p

        {mso-margin-top-alt:auto;

        margin-right:0in;

        mso-margin-bottom-alt:auto;

        margin-left:0in;

        font-size:12.0pt;

        font-family:"Times New Roman";}

span.EmailStyle17

        {mso-style-type:personal;

        font-family:Arial;

        color:windowtext;}

span.EmailStyle19

        {mso-style-type:personal-reply;

        font-family:Verdana;

        color:blue;

        font-weight:normal;

        font-style:normal;

        text-decoration:none none;}

@page Section1

        {size:8.5in 11.0in;

        margin:1.0in 1.25in 1.0in 1.25in;}

div.Section1

        {page:Section1;}

 /* List Definitions */

 @list l0

        {mso-list-id:54664924;

        mso-list-type:hybrid;

        mso-list-template-ids:388165754 -318327580 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}

@list l0:level1

        {mso-level-number-format:bullet;

        mso-level-text:>;

        mso-level-tab-stop:.5in;

        mso-level-number-position:left;

        text-indent:-.25in;

        font-family:Verdana;}

ol

        {margin-bottom:0in;}

ul

        {margin-bottom:0in;}

-->

</style>


</head>


<body lang=EN-US link=blue vlink=purple>


<div class=Section1>


<div>


<p class=MsoNormal style='margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo1'><![if !supportLists]><font

size=3 face=Verdana><span style='font-size:12.0pt;font-family:Verdana'><span

style='mso-list:Ignore'>><font size=1 face="Times New Roman"><span

style='font:7.0pt "Times New Roman"'>      </span></font></span></span></font><![endif]><b><font

size=2 face=Tahoma><span style='font-size:10.0pt;font-family:Tahoma;font-weight:

bold'>From:</span></font></b><font size=2 face=Tahoma><span style='font-size:

10.0pt;font-family:Tahoma'> bind-users-bounces@lists.isc.org

[mailto:bind-users-bounces@lists.isc.org] <b><span style='font-weight:bold'>On

Behalf Of </span></b>Jeff Lightner<br>

<b><span style='font-weight:bold'>Sent:</span></b> Friday, March 13, 2009 16:15<br>

<b><span style='font-weight:bold'>To:</span></b> bind-users@lists.isc.org<br>

<b><span style='font-weight:bold'>Subject:</span></b> Internal and External

view on same slave server?</span></font><o:p></o:p></p>


</div>


<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:

12.0pt'><o:p> </o:p></span></font></p>


<div>


<p class=MsoNormal style='margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo1'><![if !supportLists]><font

size=3 face=Verdana><span style='font-size:12.0pt;font-family:Verdana'><span

style='mso-list:Ignore'>><font size=1 face="Times New Roman"><span

style='font:7.0pt "Times New Roman"'>      </span></font></span></span></font><![endif]><font

size=2 face=Arial><span style='font-size:10.0pt;font-family:Arial'>We recently

decided to create internal and external views for some zones.   This

worked fine on the master server.<u1:p></u1:p></span></font><o:p></o:p></p>


<p class=MsoNormal style='text-indent:3.0pt'><font size=3 face="Times New Roman"><span

style='font-size:12.0pt'><u1:p><o:p> </o:p></span></font></p>


<p class=MsoNormal style='margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo1'><![if !supportLists]><font

size=3 face=Verdana><span style='font-size:12.0pt;font-family:Verdana'><span

style='mso-list:Ignore'>><font size=1 face="Times New Roman"><span

style='font:7.0pt "Times New Roman"'>      </span></font></span></span></font><![endif]><font

size=2 face=Arial><span style='font-size:10.0pt;font-family:Arial'>However,

initiating zone transfer on slave from master it loaded all the zone names

I’d created but put exactly the same information into both

sets.   This information was for the internal view which is the first

one in both named.conf files. <u1:p></u1:p></span></font><o:p></o:p></p>


<p class=MsoNormal style='text-indent:3.0pt'><font size=3 face="Times New Roman"><span

style='font-size:12.0pt'><u1:p><o:p> </o:p></span></font></p>


<p class=MsoNormal style='margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo1'><![if !supportLists]><font

size=3 face=Verdana><span style='font-size:12.0pt;font-family:Verdana'><span

style='mso-list:Ignore'>><font size=1 face="Times New Roman"><span

style='font:7.0pt "Times New Roman"'>      </span></font></span></span></font><![endif]><font

size=2 face=Arial><span style='font-size:10.0pt;font-family:Arial'>On doing

some research I saw mention of needing to configure different slaves for

internal and external view.   This mentioned need for separate IPs.<u1:p></u1:p></span></font><o:p></o:p></p>


<p class=MsoNormal style='text-indent:3.0pt'><font size=3 face="Times New Roman"><span

style='font-size:12.0pt'><u1:p><o:p> </o:p></span></font></p>


<p class=MsoNormal style='margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo1'><![if !supportLists]><font

size=3 face=Verdana><span style='font-size:12.0pt;font-family:Verdana'><span

style='mso-list:Ignore'>><font size=1 face="Times New Roman"><span

style='font:7.0pt "Times New Roman"'>      </span></font></span></span></font><![endif]><font

size=2 face=Arial><span style='font-size:10.0pt;font-family:Arial'>Since I

can’t just build a new slave server I instead opted to create an alias IP

using the same NIC as primary IP.  Of course the question there is how to

force the transfer request to come from the primary IP or the alias IP

dependent on which view the zone is in.  <u1:p></u1:p></span></font><o:p></o:p></p>


<p class=MsoNormal style='text-indent:3.0pt'><font size=3 face="Times New Roman"><span

style='font-size:12.0pt'><u1:p><o:p> </o:p></span></font></p>


<p class=MsoNormal style='margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo1'><![if !supportLists]><font

size=3 face=Verdana><span style='font-size:12.0pt;font-family:Verdana'><span

style='mso-list:Ignore'>><font size=1 face="Times New Roman"><span

style='font:7.0pt "Times New Roman"'>      </span></font></span></span></font><![endif]><font

size=2 face=Arial><span style='font-size:10.0pt;font-family:Arial'>Further

research suggested use of the transfer-source option in the view to specify the

IP to be used to request the transfer.   I added this.  

Also I already had allow-transfer for the primary IP.  I left that in the

external view zone entries in named.conf.  I then created a separate

allow-transfer in the internal view zone entries to use the alias IP. <u1:p></u1:p></span></font><o:p></o:p></p>


<p class=MsoNormal style='text-indent:3.0pt'><font size=3 face="Times New Roman"><span

style='font-size:12.0pt'><u1:p><o:p> </o:p></span></font></p>


<p class=MsoNormal style='margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo1'><![if !supportLists]><font

size=3 face=Verdana><span style='font-size:12.0pt;font-family:Verdana'><span

style='mso-list:Ignore'>><font size=1 face="Times New Roman"><span

style='font:7.0pt "Times New Roman"'>      </span></font></span></span></font><![endif]><font

size=2 face=Arial><span style='font-size:10.0pt;font-family:Arial'>On checking

logs I’m seeing REFUSED from the master in the slave’s logs but I

am seeing the slave’s alias IP making the request on the

master.   I don’t see the slave’s primary IP making requests

on the master.<u1:p></u1:p></span></font><o:p></o:p></p>


<p class=MsoNormal style='text-indent:3.0pt'><font size=3 face="Times New Roman"><span

style='font-size:12.0pt'><u1:p><o:p> </o:p></span></font></p>


<p class=MsoNormal style='margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo1'><![if !supportLists]><font

size=3 face=Verdana><span style='font-size:12.0pt;font-family:Verdana'><span

style='mso-list:Ignore'>><font size=1 face="Times New Roman"><span

style='font:7.0pt "Times New Roman"'>      </span></font></span></span></font><![endif]><font

size=2 face=Arial><span style='font-size:10.0pt;font-family:Arial'>Is what

I’m trying to do possible?  <u1:p></u1:p></span></font><o:p></o:p></p>


<p class=MsoNormal style='text-indent:3.0pt'><font size=3 face="Times New Roman"><span

style='font-size:12.0pt'><u1:p><o:p> </o:p></span></font></p>


<p class=MsoNormal style='margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo1'><![if !supportLists]><font

size=3 face=Verdana><span style='font-size:12.0pt;font-family:Verdana'><span

style='mso-list:Ignore'>><font size=1 face="Times New Roman"><span

style='font:7.0pt "Times New Roman"'>      </span></font></span></span></font><![endif]><font

size=2 face=Arial><span style='font-size:10.0pt;font-family:Arial'>If not can

someone explain why?  Given that I’m restricting the IP allowed to

transfer and the IP requesting the transfer it seems this should be

working.  At worst it seems it should only have quit working for one view

but its not working for either one.<u1:p></u1:p></span></font><o:p></o:p></p>


<p class=MsoNormal style='text-indent:3.0pt'><font size=3 face="Times New Roman"><span

style='font-size:12.0pt'><u1:p><o:p> </o:p></span></font></p>


<p class=MsoNormal style='margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo1'><![if !supportLists]><font

size=3 face=Verdana><span style='font-size:12.0pt;font-family:Verdana'><span

style='mso-list:Ignore'>><font size=1 face="Times New Roman"><span

style='font:7.0pt "Times New Roman"'>      </span></font></span></span></font><![endif]><font

size=2 face=Arial><span style='font-size:10.0pt;font-family:Arial'>If it is

possible can someone let me know how they’ve achieved it?<u1:p></u1:p></span></font><o:p></o:p></p>


<p class=MsoNormal style='text-indent:3.0pt'><font size=3 face="Times New Roman"><span

style='font-size:12.0pt'><u1:p><o:p> </o:p></span></font></p>


</div>


<div>


<p class=MsoNormal style='text-indent:3.0pt'><font size=3 face="Times New Roman"><span

style='font-size:12.0pt'><o:p> </o:p></span></font></p>


</div>


<div>


<p class=MsoNormal style='margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo1'><![if !supportLists]><font

size=3 face=Verdana><span style='font-size:12.0pt;font-family:Verdana'><span

style='mso-list:Ignore'>><font size=1 face="Times New Roman"><span

style='font:7.0pt "Times New Roman"'>      </span></font></span></span></font><![endif]><em><i><font

size=1 color=green face=Arial><span style='font-size:7.5pt;font-family:Arial;

color:green'>Please consider our environment before printing this e-mail or

attachments.</span></font></i></em> <o:p></o:p></p>


</div>


<div>


<p class=MsoNormal style='margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo1'><![if !supportLists]><font

size=2 face=Verdana><span style='font-size:10.0pt;font-family:Verdana'><span

style='mso-list:Ignore'>><font size=1 face="Times New Roman"><span

style='font:7.0pt "Times New Roman"'>       

</span></font></span></span></font><![endif]><font size=2 face=Arial><span

style='font-size:10.0pt;font-family:Arial'>----------------------------------<br>

CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential

information and is for the sole use of the intended recipient(s). If you are

not the intended recipient, any disclosure, copying, distribution, or use of

the contents of this information is prohibited and may be unlawful. If you have

received this electronic transmission in error, please reply immediately to the

sender that you have received the message in error, and delete it. Thank you.<br>

----------------------------------<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=blue face=Verdana><span style='font-size:

10.0pt;font-family:Verdana;color:blue'><o:p> </o:p></span></font></p>


<p class=MsoNormal><font size=2 color=blue face=Verdana><span style='font-size:

10.0pt;font-family:Verdana;color:blue'>Use TSIG to select the correct view…Example

at below URL from the BIND FAQ on www.isc.org.<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=blue face=Verdana><span style='font-size:

10.0pt;font-family:Verdana;color:blue'><o:p> </o:p></span></font></p>


<p class=MsoNormal><font size=2 color=blue face=Verdana><span style='font-size:

10.0pt;font-family:Verdana;color:blue'><a href="https://www.isc.org/node/282">https://www.isc.org/node/282</a>

<o:p></o:p></span></font></p>


<p class=MsoNormal><font size=2 color=blue face=Verdana><span style='font-size:

10.0pt;font-family:Verdana;color:blue'><o:p> </o:p></span></font></p>


<table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0>

 <tr>

  <td style='padding:0in 0in 0in 0in'>

  <p class=MsoNormal><font size=2 color="#333399" face=Verdana><span

  style='font-size:10.0pt;font-family:Verdana;color:#333399'>Justin Dixon<o:p></o:p></span></font></p>

  </td>

 </tr>

</table>


<p class=MsoNormal><font size=2 color=blue face=Verdana><span style='font-size:

10.0pt;font-family:Verdana;color:blue'><o:p> </o:p></span></font></p>


</div>


</div>


</body>


</html>